| # OpenSSL Advisory: January 27th, 2026 (BoringSSL Not Affected) |
| |
| OpenSSL have published a [security advisory](https://openssl-library.org/news/secadv/20260127.txt). Here's how it affects BoringSSL: |
| |
| CVE | Summary | [Severity] in OpenSSL | Impact to BoringSSL |
| ----|---------|-----------------------|--------------------- |
| CVE-2025-11187 | Improper validation of PBMAC1 parameters in PKCS#12 MAC verification | Moderate | Not affected, issue was introduced after fork. BoringSSL has an independent, minimal PKCS#12 implementation. |
| CVE-2025-15467 | Stack buffer overflow in CMS AuthEnvelopedData parsing | High | Not affected, issue was introduced after fork. BoringSSL removed the affected module in the initial fork. |
| CVE-2025-15468 | NULL dereference in SSL_CIPHER_find() function on unknown cipher ID | Low | Not affected, issue was introduced after fork. |
| CVE-2025-15469 | "openssl dgst" one-shot codepath silently truncates inputs >16MB | Low | Not affected, issue was introduced after fork. |
| CVE-2025-66199 | TLS 1.3 CompressedCertificate excessive memory allocation | Low | Not affected, issue was introduced after fork. BoringSSL has an independent implementation of RFC 8879 and [correctly checks the uncompressed length](https://www.rfc-editor.org/rfc/rfc8879.html#section-5-5). |
| CVE-2025-68160 | Heap out-of-bounds write in BIO_f_linebuffer on short writes | Low | Not affected; BoringSSL removed the affected code, and other VMS support, in the initial fork. |
| CVE-2025-69418 | Unauthenticated/unencrypted trailing bytes with low-level OCB function calls | Low | Not affected; BoringSSL removed the affected code in the initial fork. |
| CVE-2025-69419 | Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion | Low | Not affected, issue was introduced after fork. |
| CVE-2025-69420 | Missing ASN1_TYPE validation in TS_RESP_verify_response() function | Low | Not affected, issue was introduced after fork, BoringSSL removed the affected module in the initial fork. |
| CVE-2025-69421 | NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function | Low | Not affected; BoringSSL removed the affected code in the initial fork and has an independent, minimal PKCS#12 implementation. |
| CVE-2026-22795 | Missing ASN1_TYPE validation in PKCS#12 parsing | Low | Not affected; BoringSSL removed the affected code in the initial fork and has an independent, minimal PKCS#12 implementation. |
| CVE-2026-22796 | ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() | Low | Not affected, issue was introduced after fork. BoringSSL removed the affected module in the initial fork. |
| |
| [Severity]: https://openssl-library.org/policies/general/security-policy/index.html#issue-severity |
| |
| ## `ASN1_TYPE` Type Confusion |
| Several issues in this advisory are due to the OpenSSL `ASN1_TYPE` structure, which represents an ASN.1 ANY value. The `ASN1_TYPE` structure contains a C `union`. All accesses must take care to check the type field before accessing the `union`. |
| |
| While BoringSSL was not affected by any of the type confusion issues, it does share the `ASN1_TYPE` structure itself. The `ASN1_TYPE` structure is part of OpenSSL’s public API and embedded in many parts of the library. As part of triaging this advisory, we audited accesses to `ASN1_TYPE` within the library and found no instances of type confusion. |
